Hello This question might sound strange but if you have any idea I'd welcome it. We have a PCIe card with a CPU with integrated PCIe controller (LS1046A, as endpoint). If the CPU locks up then we need to reboot the PC to get the card running again which is obviously not really usable. We can issue a hard reset to the CPU but that will also reset the whole config area where the BARs and MSIs are setup. That in return kills the communication with the PC (understandable). I tried to save and restore the whole PCIe area to circumvent this problem. With the BAR values restored I get data exchange v ..read more

Inside my IOCTL callback function I need a way to determine the identity of the process that is trying to communicate with me so I can restrict communication to only my client side application. My thought process was to check the file name or the token key name since those should not be changed (the client verifies the file name is the same name it was shipped with). If you have a better idea please let me know but for now I am trying to figure out how to get the file name of the process that is sending an IOCTL request. To start off with I am using HANDLE ProcessId = PsGetCurrentProcessId ..read more

TL;DR The OSR Driver Development Community will transition to a new platform starting on Sunday, 24 March. The site will be in read-only mode from the start of the transition until the move is complete. When the move is complete, you shouldn't need to do anything: We expect usernames, passwords, and user-provided avatars to remain unchanged. You'll simply see a newer, more modern, look and feel. Long Version: On Sunday 24 March we will begin the process of changing both the underlying forum software that's used by the community as well as the hosting provider. Our goal in doing this is to prov ..read more

Hello everyone! I'm working on a project where I need to capture input from a computer's microphone. I want to process this input to merge it with another audio stream. This way, I can play the combined audio as if it's coming directly from the user's microphone. So far, I've attempted to capture microphone input, merge it with the other audio stream, and then output it using virtual cables. However, we're encountering significant latency issues. Our product is built on C#, and currently, we're utilizing NAudio for our audio processing needs. Despite trying every available API, we're strugglin ..read more

I am migrating the USB driver(written using WDM) from Windows 7 to Windows 10/11 operating systems. While running the Static Driver Verifier tool, it detected issues around RemoveLock for IRP. As per the code, when an IRP is received, IoRemoveLock is acquired with the IRP itself as a tag. The acquired IoRemoveLock with the IRP tag is released in the context of the completion routine of that particular IRP. But, SDV is detecting incorrectly for Acquiring and Releasing of IoRemoveLock. SDV is only checking for the IoAcquireRemovelock and IoReleaseRemoveLock pair, whereas ideally, it should check ..read more

hey, I have a driver , it compiles , barely any warnings , passes driver verifier and runs smoothly (I don’t feel any change as a user of the system) Saying that I’m sure there are proper guidelines you guys at OSR follow to test your drivers , whilst I’m not asking for a step by step testing process description , I was wondering if there are any other recommended tests I should add into my testing scheme , and perhaps when it’s best to run them in the development process ..read more

My Callout currently gets registered to the OUTBOUND_TRANSPORT layer. Is it allowed to use FwpsInjectNetworkSendAsync0 (I need to set the source IP)? It seems to work, however I am experiencing a memory leak: Wfpn 1011615 663619568 0 0 WFP NBL info container , Binary: netio.sys Fwpn 1011608 404643200 0 0 WFP NBL info , Binary: fwpkclnt.sys NDnd 1011655 210574464 0 0 NDIS_TAG_POOL_NDIS , Binary: ndis.sys Fwpi 1011607 48557136 0 0 WFP injector info , Binary: fwpkclnt.sys Fwpc 1011607 48557 ..read more

I am writing a driver routine which adds an entry(upto maximum capacity) to the list at run time. (i.e analogous to dynamically increasing array) Once added, we store the base address of the dynamic list in a pointer which is then used for processing later on in other functions. I am looking for a driver construct that allows to add entry dynamically but at the same time is contiguous. I came across lookaside list in windows but not sure where to specify the depth, also the documentation is not clear whether the entries added to lookaside list are contiguous or not. I also explored using RtlAl ..read more

Hi there, I am working on studying benign applications. So, I would like to know where I can find the various categories that the executables present in System32 folder can be categorized based on their behavior (such as API calls made by them) and also the total list of each executable to which category they belong and reason. It is difficult to study these executables as there is no UI for most of the executables in this folder ..read more

Let's say we have two kernel mode drivers namely Driver A(sender) and Driver B(receiver). Driver A pends multiple asynchronous request to Driver B. Now lets say Driver B(receiver) wants to unload, how do we handle cancellation of pending request that are not yet completed. I am confused on following questions: 1. Is there some code that needs to be implemented in Driver A(sender) that tells Driver B that "Hey, since you are planning to unload, why don't you complete all the pending request with STATUS_CANCELLED" 2. From what I Know, we need to implement EvtCancel callback routinen in Driver B ..read more